"By default, Remote Desktop connections are encrypted at the highest level of security available (128-bit). However, some older versions of the Remote Desktop Connection client application do not support this high level of encryption."

Did the machines get moved to a different OU before you removed them from the domain? If the OU had RDP disabled, when you left the domain, the policy may have remained behind. You might try rejoining the domain and ensuring RDP is enabled via group policy.